<?php
include 'const.php';

//判断前端是否传递username数据
if (isset($_POST['username'])) {
    $name = $_POST['username'];
    $username = $const->query("SELECT * FROM registry_login WHERE username='$name'");
    if ($username->fetch_assoc()) { //用户名正确


        if (isset($_POST['password'])) { //密码存在
            $pass = sha1($_POST['password']); //密码是加密后进行对应
            // $pass = $_POST['password'];
            // echo $pass ;

            $result = $const->query(" SELECT * FROM registry_login WHERE username='$name' and password='$pass' "); //用户名和密码进行匹配

            if ($result->fetch_assoc()) { //用户名和密码正确
                session_start(); //启动session存储
                $captcha = $_POST['captcha']; //获取前端传入的验证码

                // strtolower():转换成小写
                if (strtolower($_SESSION["captcha"]) ===  strtolower($captcha)) {
                    echo 'success';
                } else {
                    echo 'captchafail';
                }
            } else {
                echo 'passwordfail';
            }
        }
    } else {
        echo 'nameno';
    }
}
